From cd0299e663bb97fff574a023fc53576a5a4e6a2b Mon Sep 17 00:00:00 2001 From: Mitchell Krog Date: Thu, 27 Jun 2019 09:08:16 +0200 Subject: [PATCH] TEST Whitelisting IPs REF: #201 --- .dev-tools/globalblacklist-testing.template | 84 ++++++++++----------- .dev-tools/test-blocker-whitelist-ips.sh | 4 +- 2 files changed, 42 insertions(+), 46 deletions(-) diff --git a/.dev-tools/globalblacklist-testing.template b/.dev-tools/globalblacklist-testing.template index 66f3aae61..03fe2332b 100644 --- a/.dev-tools/globalblacklist-testing.template +++ b/.dev-tools/globalblacklist-testing.template @@ -7728,29 +7728,6 @@ geo $validate_client { 54.242.250.203 1; # END NIBBLER ### DO NOT EDIT THIS LINE AT ALL ### - -# **************************** -# Known Bad IP's and IP Ranges -# ************************************************* -# Blacklist IP addresses and IP Ranges Customizable -# ************************************************* - -# BLACKLIST all your IP addresses and Ranges using the new include file below. - # New Method Uses the include file below so that when pulling future updates your - # Custom Blacklisted IP addresses are automatically now included for you. - # Read Comments inside blacklist-ips.conf for customization tips. - # Updating the main globalblacklist.conf file will not touch your custom include files - -# ******************************************************************** -# START BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ### -# ******************************************************************** - - include /etc/nginx/bots.d/blacklist-ips.conf; - -# ****************************************************************** -# END BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ### -# ****************************************************************** - # ********************************************************************************************* # KNOWN BAD IP ADDRESSES # Source: https://github.com/mitchellkrogza/Suspicious.Snooping.Sniffing.Hacking.IP.Addresses @@ -17759,27 +17736,6 @@ geo $validate_client { 46.101.115.65 1; # END KNOWN BAD IP ADDRESSES ### DO NOT EDIT THIS LINE AT ALL ### - -# *********************************** -# Whitelist all your OWN IP addresses -# *********************************** - -# WHITELIST all your own IP addresses using the include file below. - # New Method Uses the include file below so that when pulling future updates your - # whitelisted IP addresses are automatically now included for you. - # Read Comments inside whitelist-ips.conf for customization tips. - # Updating the main globalblacklist.conf file will not touch your custom include files - -# ************************************************************************** -# START WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ### -# ************************************************************************** - - include /etc/nginx/bots.d/whitelist-ips.conf; - -# ************************************************************************ -# END WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ### -# ************************************************************************ - # **************** # Google IP Ranges # **************** @@ -17871,6 +17827,46 @@ geo $validate_client { 2c0f:f248::/32 0; # END CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ### +# ************************************************* +# Blacklist IP addresses and IP Ranges Customizable +# ************************************************* + +# BLACKLIST all your IP addresses and Ranges using the new include file below. + # New Method Uses the include file below so that when pulling future updates your + # Custom Blacklisted IP addresses are automatically now included for you. + # Read Comments inside blacklist-ips.conf for customization tips. + # Updating the main globalblacklist.conf file will not touch your custom include files + +# ******************************************************************** +# START BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ### +# ******************************************************************** + + include /etc/nginx/bots.d/blacklist-ips.conf; + +# ****************************************************************** +# END BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ### +# ****************************************************************** + + +# *********************************** +# Whitelist all your OWN IP addresses +# *********************************** + +# WHITELIST all your own IP addresses using the include file below. + # New Method Uses the include file below so that when pulling future updates your + # whitelisted IP addresses are automatically now included for you. + # Read Comments inside whitelist-ips.conf for customization tips. + # Updating the main globalblacklist.conf file will not touch your custom include files + +# ************************************************************************** +# START WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ### +# ************************************************************************** + + include /etc/nginx/bots.d/whitelist-ips.conf; + +# ************************************************************************ +# END WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ### +# ************************************************************************ diff --git a/.dev-tools/test-blocker-whitelist-ips.sh b/.dev-tools/test-blocker-whitelist-ips.sh index 382f52e60..5460bac4c 100755 --- a/.dev-tools/test-blocker-whitelist-ips.sh +++ b/.dev-tools/test-blocker-whitelist-ips.sh @@ -45,7 +45,7 @@ echo "${bold}${green}-------------------------" printf "\n\n" sudo truncate -s 0 ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/blacklist-ips.conf -#printf '%s\t%s\n' "${thisip}" "1;" >> ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/blacklist-ips.conf +printf '%s\t%s\n' "${thisip}" "1;" >> ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/blacklist-ips.conf printf '%s\t%s\n' "127.0.0.1" "1;" >> ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/blacklist-ips.conf sudo cp ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/blacklist-ips.conf /etc/nginx/bots.d/blacklist-ips.conf @@ -55,7 +55,7 @@ echo "${bold}${green}--------------------" printf "\n\n" sudo truncate -s 0 ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/whitelist-ips.conf -#printf '%s\t%s\n' "${thisip}" "0;" >> ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/whitelist-ips.conf +printf '%s\t%s\n' "${thisip}" "0;" >> ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/whitelist-ips.conf printf '%s\t%s\n' "127.0.0.1" "0;" >> ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/whitelist-ips.conf sudo cp ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/whitelist-ips.conf /etc/nginx/bots.d/whitelist-ips.conf